package com.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Arrays;
import java.util.List;
import java.util.Map;

@RestController
public class UserInfoController {


    @PreAuthorize("hasAuthority('SCOPE_user_id')")
    @GetMapping("/user/info")
    public Map<String, Object> userInfo(){

        Jwt principal = (Jwt) SecurityContextHolder.getContext().getAuthentication().getPrincipal();

        return principal.getClaims();
    }

    @PreAuthorize("hasAuthority('SCOPE_friends_list')")
    @GetMapping("/friends/list")
    public List<String> friendsList(){
        return Arrays.asList(
                "小白",
                "皮卡多",
                "吃米线"
        );
    }

}
